|
3331
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that…
|
-
|
CVE-2026-8386
|
2026-06-16 03:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3332
|
- |
|
-
|
-
|
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The import…
|
CWE-787 CWE-843
Out-of-bounds Write Type Confusion
|
CVE-2026-8358
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3333
|
- |
|
-
|
-
|
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting dep…
|
CWE-193 CWE-787
Off-by-one Error Out-of-bounds Write
|
CVE-2026-8357
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3334
|
- |
|
-
|
-
|
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the fil…
|
CWE-121 CWE-787
Stack-based Buffer Overflow Out-of-bounds Write
|
CVE-2026-8356
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3335
|
- |
|
-
|
-
|
LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one typ…
|
CWE-787 CWE-843
Out-of-bounds Write Type Confusion
|
CVE-2026-6047
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3336
|
- |
|
-
|
-
|
LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the f…
|
CWE-190 CWE-787
Integer Overflow or Wraparound Out-of-bounds Write
|
CVE-2026-6045
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3337
|
- |
|
-
|
-
|
A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, …
|
CWE-416 CWE-787
Use After Free Out-of-bounds Write
|
CVE-2026-6040
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3338
|
- |
|
-
|
-
|
LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit val…
|
CWE-197 CWE-787
Numeric Truncation Error Out-of-bounds Write
|
CVE-2026-6039
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3339
|
8.7 |
HIGH
Network
|
-
|
-
|
ApostropheCMS is an open-source Node.js content management system. Versions up to and including 1.4.2 of the `@apostrophecms/seo` package injects the Google Analytics Tracking ID (`seoGoogleTrackingI…
|
CWE-79
Cross-site Scripting
|
CVE-2026-53608
|
2026-06-16 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3340
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.0 to before version 2.0.14, private services (`EnableShowInService: false`) are enumer…
|
CWE-200 CWE-285 CWE-863
Information Exposure Improper Authorization Incorrect Authorization
|
CVE-2026-49397
|
2026-06-16 03:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|